Use and configuration of templates for management of cloud providers

ABSTRACT

System and methods for the creation of templates for a user role from an existing user for use in one or more cloud services are provided. The template may comprise various user settings for different cloud services subscribed to by an entity. The templates once created can be applied to a group of users within the entity such that the various user settings in the template can be applied to the users in the group. The various user settings in the template can also be modified, and once modified, the template can be applied to users in the user group that has been applied with the template. User interfaces can be provided for specifying the creation of templates, modification of templates. The aggregation of common software providers, services, users and user types into templates and associated settings privileges, and other attributes are also provided.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application claims benefit to U.S. Provisional Application No. 62/187,118 filed Jun. 30, 2015 entitled USE AND CONFIGURATION OF TEMPLATES FOR MANAGEMENT OF CLOUD PROVIDERS” of which is incorporated by reference herein in its entirety for all purposes.

This application is related to U.S. Provisional Application No. 62/187,109 filed Jun. 30, 2015, entitled “MANAGING USERS OF CLOUD SERVICES WITH MANAGEMENT TOOL” and U.S. Provisional Application No. 62/187,124 filed Jun. 30, 2015, entitled “SYNCHRONIZING DATA BETWEEN CLOUD MANAGER AND PROVIDERS” each of which is incorporated by reference herein in their entirety for all purposes.

This application is related to U.S. Non-Provisional application Ser. No. ______, filed Jun. 30, 2016 entitled “MANAGING USERS OF CLOUD SERVICES WITH MANAGEMENT TOOL” (Attorney Docket No. 096662-1003026(000610US)) and U.S. Non-Provisional application Ser. No. ______, filed Jun. 30, 2016, entitled “SYNCHRONIZING DATA BETWEEN CLOUD MANAGER AND PROVIDERS” (Attorney Docket No. 096662-1003028(000810US)) each of which is incorporated by reference herein in their entirety for all purposes.

FIELD

The disclosure generally relates to management of data within software as service products. Specifically, the disclosure relates to enhanced management of various software as a service providers and attributes via templates.

BACKGROUND

Modern companies and associated IT consulting firms need to manage the software services that the companies provide to employees. This process can involve the provision of a variety of computer services from a variety of vendors to employees of the company. IT consulting firms can be hired by companies to manage the IT environment for a company. The services can often have various differing user interfaces and data formats, which can require a high level of overhead to manage. Different employees can need various access rights to different software services, and those access rights can vary based on for example an employee's role. For example certain employees should be provided different access to software services. However, the recognition of and management of groups of users as opposed to individual users can be challenging.

Embodiments of the invention address these and other problems, individually and collectively.

BRIEF SUMMARY

Embodiments can provide a management tool that can apply user settings for various cloud services to a group of users through a model profile or a template. As used herein, the terms “model profile” and “template” are used interchangeably. The template can be generated from scratch or generated based on an existing user profile. The template can contain user settings for various cloud services. After the template is generated and saved, the template can be assigned to the group of users, for example, users having a similar function within an entity. Once assigned to the group of users, the user settings in the template may be applied to the user records associated with the users in the user group. In some implementations, rules may be established such that a given template may only be applied to one group of users and a given group of users may only be applied with one template.

The management tool can be configured to receive changes of user settings in the template. After the changes are received, the updated template can be saved to the database and the changes can be automatically applied to the user records associated with the users in the user group that was assigned to the template.

Embodiments can provide user interfaces for the aforementioned creation and modification of templates.

Embodiments can provide aggregation of common software providers, services, users and user types into templates and associated settings privileges, and other attributes.

Other embodiments are directed to systems, portable consumer devices, and computer readable media associated with methods described herein.

A better understanding of the nature and advantages of embodiments of the present invention may be gained with reference to the following detailed description and the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an exemplary system architecture for managing individual users within an entity to use multiple cloud services in accordance with the disclosure.

FIG. 2 illustrates processing user information from two cloud services in accordance with one embodiment of the disclosure.

FIG. 3 illustrates an exemplary common graphical user interface for managing a user for different cloud services through a user profile in accordance with one embodiment.

FIG. 4 illustrates an exemplary interface that can be implemented to enable an operator to generate a new template.

FIG. 5 illustrates an exemplary interface that can be implemented to enable an operator to manage a template.

FIG. 6 illustrates a template can be applied to user records associated with a group of users after the template is saved to the database.

FIG. 7 illustrates an exemplary method for generating and applying a template to a group of users in accordance with the disclosure.

FIG. 8 shows examples of subsystems in a computer apparatus implementing various embodiments.

DETAILED DESCRIPTION

A template in accordance with the disclosure can be considered a combination of many different user settings for different cloud services that can be applied to multiple users. A template can be generated from scratch. It could be generated based on user profile for an existing user. It could also be derived from an existing template. In whole, a template can be used to streamline administration of services that could generally take a person to jump back and forth between services to get it all set each up. Templates allow for time reduction by taking something that could take hours of doing the work and frustration on the end user to be lumped into a single template. Administrators may not need to go through everything for one or more partner.

In accordance with the disclosure, embodiments provide a management tool that can be configured to apply user settings for various cloud services to a group of users through assigning a template to the group. The user settings for the various cloud services may indicate features activated on the cloud services, groups available on the cloud services, licenses provided by the cloud services, and other information regarding the cloud services. The management tool can facilitate an operator to aggregate such user settings into the template, which can correspond to a profile for a function within an entity, such as a company. In this sense, the template may be considered as a model profile, and as used herein, a template may be referred to as a model profile. For example, a template for a sales professionals or a template for engineers, management, or other roles within a company can be generated to capture user settings for the different cloud services appropriate for users in those groups. After a template is created, users in the corresponding user group can be applied with the template such that the user settings for the various cloud services in the template can be propagated to the user profile for each user in that group.

Thus, the management tool can use templates to propagate user setting changes for the cloud services to groups of users. A group of users can be assigned a particular template, and if changes are made to that template, all users that are assigned that template can have corresponding changes made to them. Templates can provide many technical advantages including time saving, consistency, reduction of user mistakes and simplicity in user management, and allowing for enforcing security or access policies. By having changes or policies applied to templates, the management tool can save time making changes or applying template specific rules or policies. By applying changes or policies once to a large group, there is a decreased chance for errors being made. Security policies can be implemented across templates to allow for well-defined access control where appropriate.

I. System Architecture

FIG. 1 illustrates an exemplary system architecture 100 for managing individual users within an entity to use multiple cloud services in accordance with the disclosure. As shown, the system architecture 100 may include a server 106 provided by the entity. In certain implementations, the server 106 may include one or more processors configured to perform web services, processing jobs and/or to perform any other functions. The server 106 may be configured to facilitate user management for different cloud services subscribed to by the entity, to enable the users to use the cloud services via the individual client computers 104, and/or to perform any other functions. As shown, the server 106 may be operatively coupled to a database 102, which can contain user profiles associated with the individual users of the entity. A user profile associated with a particular user of the entity may comprise information indicating specific cloud services provided by the user. For each of the specific cloud services, one or more features or settings that are available for the individual users, values (defauLt or configured) for those features or settings for the particular user, and/or any other information can be indicated through the user profile. As will be described below, the user profile associated with the particular user can be used to facilitate the particular user to use the cloud services available to the particular user as subscribed to by the entity.

In some embodiments, server 106 can be configured to provide virtualization of groups or teams of employees within the entity, and the ability to apply various actions across cloud services to groups or teams of users. For example, different groups or teams within the entity include sales, marketing, engineering, or the like.

The server 106 can be configured to communicate with cloud servers, such as cloud servers 110, 120, 130 shown in this example. As shown, each of the cloud servers 110, 120, 130 may be provided by a cloud service provider for facilitating respective cloud-based services. For example, the cloud server 110 may be a server that facilitates a cloud-based email service. The cloud server 120 may be a server that facilitates a network storage service. The cloud server 130 may be a server that facilitates a cloud-based backup service. As also shown, the server 106 may be configured to communicate with each of the cloud servers 110, 120, 130.

The communication between the server 106 and the cloud servers may include communication of user information. For enabling the respective cloud service for the users within the entity, a given cloud server may store user information for those users. For example, as mentioned above, the email cloud service provider may keep a set of user information for providing the email service to the users in the entity, and the network storage service provider may keep another set of user information for providing network storage service to the users in the entity.

II. Generating a Template

A template can be an aggregation of specific user settings for different cloud services. For example with Microsoft Office and specifically Office 365, there is Exchange, which is an email system and services like SharePoint or Skype for Business or Yammer, and of the all other offered Office 365 services that Microsoft offers within that umbrella. A template can specify which of these services provided by Office 365 are enabled for a particular user group or individual user. A template can also expose licenses and groups provided by the cloud service. An example of groups can be found in Office 365, where there are group types such as Security, Distribution, Dynamic Distribution, and Tenant groups. A template can also be an aggregation of licenses of cloud services, and groups of cloud services. A template can also contain another template.

The management tool can start a discovery process to discover what licenses and features, and all the users that are licensed and non-licensed under a particular tenant. A tenant can be a domain or the customer that is being managed under a particular service. For example, a company using a particular provider could comprise a tenant. A template can be used to maintain all licenses and all users under a single umbrella. A tenant can also relate to the information a customer has for a particular SaaS provider.

A. Discovery Process

For obtaining user configurations, settings, features activated, license information and/or any other user information from different cloud services subscribed to by the entity, the server 106 may be configured to engage in a user information discovery process. During the user information discovery process, each cloud server, such as cloud server 110, 120, or 130, can be contacted to obtain user information pertinent to the users within the entity. For example, a command may be fired off during the user information discovery process to obtain user information from cloud server 110. The command may include identification information that identifies the entity for the first cloud service (e.g., an email service), such as a domain name, or a company name associated with the entity. The cloud server 110 may then retrieve the requested user information and return it to the server 106. The requested user information may represent all of the user information pertinent to the users within the entity that have been registered with the first cloud service.

In some embodiments, the user information discovery process may be scheduled on the server 106 to run periodically, such as nightly or weekly. In those embodiments, the user information discovery process may start at the same time on those basses. For example, the user information discovery process can be scheduled to start 11 pm every night. During that process, desired cloud servers that provide cloud services to the entity can be contacted and user information can be obtained from the cloud servers. However, this is not intended to be limiting. In some implementations, the user information discovery process can be started manually by an operator of the entity.

In some embodiments, the server 106 may be configured to generate error messages or alerts when the user information discovery process is not successful in obtaining user information from one or more of the cloud servers. For example, in response to server 120 not responding to the user information discovery process, the server 106 can be configured to generate an alert to notify an operator of the entity that server 120 is not responding to the user information request during the discovery process.

Issues could also arise when connections to one or more cloud services cannot be established, or where connections to providers are throttled or otherwise limited. If a connection were to fail and the tool did not have a connection to the cloud service at a particular time, the server 106 can be configured to place the connection requests in a queue, this queue could be used to hold those actions until server 106 can communicate with the cloud server.

In some embodiments, the server 106 may be configured to enable an operator of the entity to specify which one or ones of cloud services to be included in the user information discovery process. In those embodiments, a separate configuration file may be stored on server 106 for each cloud service. The configuration file may include information such as which server(s) of the cloud service to contact in a sequence, addresses of those servers, and/or any other server information. In those embodiments, a user interface may be provided to the operator to enable the operator to select the cloud services to be included in the user information discovery process.

B. Identifying a Model Profile

Since many cloud service providers operate independently, the user information maintained by them for enabling their respective services are typically not coordinated. That is, for a particular user within the entity, a set of user information may be maintained by a first cloud service for enabling the particular user to use the first cloud service, and another set of user information may be maintained by a second cloud service for enabling the particular user to use the second cloud service. For example, the first set of user information may include a user ID identifying the particular user for the first cloud service, while the second set of user information may include another user ID identifying the particular user for the second service, and the two different user IDs could be very different, even though they identify the same user. Accordingly, processing of the user information obtained from different cloud servers is desired to consolidate or match it to specific users within the entity.

FIG. 2 illustrates processing user information from two cloud services, cloud services 210 and 220, to match specific users within an entity in accordance with one embodiment of the disclosure. As shown, user information 230 may be obtained from cloud service 210, and user information 240 may be obtained from cloud service 220 through the user information discovery process described above. The user information 230 may indicate a set of users within the entity are licensed to use cloud service 210, and may include configuration information indicating settings configured for and/or features activated for those users for using the cloud service 210. The user information 240 may indicate a set of users within the entity are licensed to use cloud service 220, and may include configuration information indicating setting configured for and features activate for those users to use cloud service 220. As shown, the user information 230 and 240 may have some overlapping information 250, such as the names of the users that are licensed to use both cloud services 210 and 220.

As a part of user information discovery, the management tool can process the user information from different cloud services to obtain a user profile for an individual user. The user profile can provide a view of various user settings for the different cloud services for the individual user. In some embodiments, the management tool may provide a common graphical user interface for managing the user profile. The user profile may comprise settings or attributes for different cloud services that can be used by the individual user associated with the user profile. Changes to the attributes can be received from the common graphical user interface and propagated to corresponding cloud server or servers to effectuate the requested changes on the cloud servers.

FIG. 3 illustrates an exemplary common graphical user interface 300 for managing a user for different cloud services through a user profile in accordance with one embodiment. The interface 300 may be provided by a server 106 described and illustrated herein, and may be presented on a client computer 104 for access by an operator of an entity. In this example, the entity for which the users are managed by the management tool is “midland transportation”. As shown, the interface 300 can be configured to present a user profile 302 for a user within midland transportation, named “Arnold Rostein”. The user profile 302 can be constructed by the management tool from a corresponding user record stored in the database 102. As shown, the user profile 302 may include some common information 308 such as first name 304 and last name 306 of the user, an address of the user, a telephone of the user, an email address of the user, and/or any other common information regarding the user. Some of the common information 308 can be used as criteria for matching user information from different cloud services. For example, the first name 304 and last name 306 of the user can be used as criteria to match user information from one or more cloud services to specific users within the entity. The common information 308 may be obtained from corresponding common fields, such as fields 502 and 504, from a user record for the user for whom the user profile 302 is constructed, e.g., user Arnold Rostein.

The user profile 302 may comprise email information 310 for the user. As shown, the user may have a different email address for a different cloud service. These email addresses can be shown in the interface 300 for administering the user. In this example, the user Arnold Rostein has an email address 310 a for an office 365 service, and another email address 310 b for a network storage service.

As shown, the interface 300 may comprise a section 312 for displaying and configuring various settings for different cloud services for the user. In this example, the user Arnold Rostein has two cloud services available for him to use i.e., office 365 service 314, and a backup service 324. In this example, license information 320 regarding one or more licenses granted to Arnold Rostein for the office 365 service 314 is displayed in interface 300, As shown, an E3 license is currently assigned to user Arnold Rostein. As shown, other supported licenses for the office 365 service 314 can be granted to Arnold Rostein through a control 330 such that the operator of the entity does not have to use a tool or interface provided by office 365 service to do that.

As shown, various specific settings 328 for the office 365 service configured for Arnold Rostein can be displayed in the interface 300. These settings may be grouped under specific features they correspond to. As described above, the values of the settings 328 can be obtained from corresponding cloud service and stored as part of user record for Arnold Rostein. As also shown, the interface 300 can provide user controls to enable an operator of midland transportation to change the settings 328 for Arnold Rostein.

As also shown, the interface 300 can include group information 316 indicating one or more groups the user belongs to on a corresponding cloud service. The group information 316 may be obtained or synchronized from a corresponding cloud service. In this example, the user Arnold Rostein belongs to several groups on the office 365 service. As shown, control 332 can be provided in the interface 300 to enable the operator to add Arnold Rostein to a group on the office 365 service without having to use a tool or interface provided by the office 365 service. As still shown, various other features such as shared mail box 318, public folders 322 on the office 365 office service, can also be displayed and configured for user Arnold Rostein. The various settings for Arnold Rostein for the office 365 service 314 described above can be obtained from corresponding fields in the user record for user Arnold Rostein for the office 365 service.

Settings for another cloud service, such as a backup service 324, can also be displayed and configured in interface 300 for user Arnold Rostein. In this example, as shown, setting 326 may be displayed to show the office 365 service for user Rostein is configured to be on. The interface 300 similarly enables the operator of the midland transportation to change the setting 326 for Arnold Rostein without having to use to a tool or interface provided by the backup service 324.

In certain embodiments, as in the embodiment shown in FIG. 3, the management tool can enable an operator to create a template based on the user profile 302. In those embodiments, the operator may identify a particular user profile, for example such as user profile 302, as a model profile. The operator then may be enabled to create a template using the model profile such that the template contains user settings for the different cloud services in the model profile. FIG. 3 illustrates one example mechanism for enabling the operator to create the template based on user profile 302. As shown, a dropdown menu 334 can be displayed in interface 300 when button 336 is clicked. In the dropdown menu 334, an option for saving user profile 302 as a template can be presented such that once that option is selected, the user profile 302 can be saved as a template.

C. Generating a Template

FIG. 4 illustrates an exemplary interface 400 that can be implemented to enable an operator to generate a new template 402. As described above, a new template can be generated using an existing user profile identified as a model profile by the operator. As shown, the management tool may be configured to provide the interface 400 to enable the template to generate the new template 402 based on an existing user profile. For example, the interface 400 may be presented after the operator requests to save user profile 302 as a template as shown in FIG. 3. However, this is not necessarily the only case. A new template can also be generated from scratch by specifying various user settings for different cloud services.

As shown, an input box 414 can be provided in interface 400 so that the operator can give a name to the template 402. The operator may name the template 402 whatever is desired, for example, engineering, marketing, and the like. An input box 404 can be provided in interface 400 so that the operator can provide a description for the template 402. As still shown, the template 402 may comprise one or more sections that group related user settings for different cloud services, such as the “license and group” section 406 shown in FIG. 4. The “license and group” section 406 can contain user settings related to licenses and groups provided by different cloud services. In this example, three exemplary cloud services are shown—i.e. Office 365 408, skykick backup service 410, and Dropbox service 412. As shown, template 402 can have user settings for license and group for each of the cloud services shown.

III. Assigning Tile Template to a Group of Users

As described above, a template can be assigned to a group of users. For example, within a company there might be groups for sales, marketing, engineering, management, and many others. These groups can require different levels of access to the cloud services subscribed to by the company. For instance, users in the sales group may have permissions and licensing provisions for the cloud services different from the users in the engineering group. There can thus be separate templates for engineers, marketing, management, sales, and all other groups within a company. However, this is not necessarily the only case. In some examples, a template can be applied to multiple groups of users. For example, a template of user settings for a specific cloud service, for example Office 365, can be generated and applied to certain groups of users; and another template of user settings for another specific cloud service, for example Dropbox, can be generated and applied to those groups of users.

In certain embodiments, rules may be established with respect to how a particular template can be assigned to user groups. For example, a rule can be established such that each template can only be assigned to one group of users, and another rule can be established such that each user group can only be assigned to one template. In that example, these rules may be enforced by the management tool when an operator assigns a particular template to a group of users. As illustration, when the operator assigns a template to users in a sales group, the management tool can be configured to detennine if that template has been assigned to another group of users and if the sales group has been assigned to another template. Only when the management tool determines neither condition is true, that template may be assigned to the users in the sales group.

The management tool can provide an interface enabling an operator to manage a particular template for a group of users. The interface can be used to turn various services and features on and off in the template. For example, through such an interface, the operator can specify a user that gets a template applied will have access to a cloud service and have a license. The tool can have a framework that can be used to apply a template against a group of users.

A. Managing the Template

FIG. 5 illustrates an exemplary interface 500 that can be implemented to enable an operator to manage a template. In this example, a template 502 is shown being managed through interface 500. The template 502 is generated from an existing user profile 302, i.e., the user profile for Arnold Rostein, as shown in FIG. 3. As shown, like the interface 300, the interface 500 can enable an operator to configure various user settings for different cloud services. In this example, the template 502 is for users in a sales group within the “Midland Transportation”. As can be seen, a button 504 can be provided in the interface 500 to enable an operator to save the template 502.

In some implementations, one or more new cloud services can be associated with an existing template, such as template 502. For example, after the entity add two cloud services for use by its users, an operator of the entity may request to add the cloud services to the template 502 so that template 502 can have user settings for the new cloud services. For example, an interface may be provided for the operator to specify those two cloud services may be added to template 502. The management tool can receive such a request, and associate the new cloud services with the template 502. In some embodiments, in response to such a change in the template 502, the management tool can be configured to locate user records for the users in the user group that has been assigned to the template 502, assign the new cloud service providers to those user records so that use settings for the new cloud services can be manipulated through those user records.

In some implementations, one or more existing cloud services can be removed from template 502. For example, after the entity stopped subscription for some existing cloud services, an operator of the entity may request to remove those cloud services from template 502. For example, an interface may be provided for the operator to specify those cloud services may be removed from template 502. In some embodiments, in response to such a change in the template 502, the management tool can be configured to locate user records for the users in the user group that has been assigned to the template 502, and remove those cloud service providers from those user records so that use settings for those cloud services may not be manipulated, through those user records.

B. Storing the Template

In implementations, a database, such as the database 102 shown in FIG. 1, can be used to store user data and as well as template data. As described above, a template and a user profile can have syntactically the same structure when it comes to configuration of different licenses, features, and so forth. In the database, user data (e.g., a user record) and templates may be stored separately. For example, a user record table can be stored in the database 102, and the user record table can comprise individual user records. Each of the user records may comprise cloud service configurations for different cloud services for an in individual user associated with the user record. A separate template table can be stored in the database 102. The template table can comprise template records. Each template record can represent a specific template, for example, sales, engineering, HR, or any other template. The template record can comprise template data that can be mapped to configurations or settings, for example, as shown in FIG. 5.

The database can be based on and built using a framework such as the Entity framework and associated EDMX model, which can contain full table descriptions with all the properties on it. In certain implementations, the database can contain a data object CTemplate, which may represent a highest level of data, and can contain a name of the template, for example marketing, FIR, or similar, and a description of the template. A given CTemplate data object can contain multiple fields “CT Provider”. A CT Provider can link a corresponding data object contain individual user configurations for a specific cloud service. Thus, data for different cloud services can be specified in a CT Template table.

C. Assigning and Applying the Template

A template can be a framework for a group of users. As described above, a template can be assigned to a group of users, such that the user settings for different cloud services as specified by the template can be applied to user records for the individual users in the group. In some implementations, the template can be assigned to the group of users manually by an operator for example through an interface provided by the management tool. For instance, when creating the template through interface 400, the operator may specify this template is to be assigned to one or more user groups, and once the template is saved by the operator at the end of the creation process, the template can be assigned to the specified group of users automatically. After the newly created template is saved to the database, the user setting in the newly created template can then be automatically applied to the those groups of users.

As described above, in certain embodiments, one or more rules may be stored for assigning the template. For example, a rule may be established that a given template can only be assigned to one group of users, and another rule can be established such that a given group can only be assigned to one template. Such rules can be enforced when the template is being assigned to a group of users. However, this not intended to be limiting. In some embodiments, a given template can be assigned to multiple groups of users. In some embodiments, a given group can be assigned to multiple templates.

It should be understood that user settings for the different cloud services can be individually configured for the users in the group beyond what the template specifies through the management tool described herein. This provides a flexibility to customize a user beyond what the template assigned to user has. For example, as illustration, a user might not have access to a particular provider based on a template assigned for marketing, because access to the provider's services and tools are not needed in the marketing department. Thus, the user does not have access to that particular provider based on the template assigned to the user by virtue of the user being in the marketing group. However, the management tool can be configured to provide the user, access to the provider. Even though the user is part of a marketing group that has limited or no access to a service, the user can have additional functionality and access to services added in. This user includes more elements and access to services from one or more providers than the template that it was created from.

In certain implementations, after user setting changes are made to template 502 through interface 500 and the template 502 is requested to be saved to the database through button 504, the user setting changes in the template 502 may be automatically applied to the group of users associated with the template 502, for example users in the sales group shown in FIG. 5. In certain implementations, a number of commands can be generated automatically for applying the template to individual users in the group after the template is saved as part of a template assigning process. Each command can contain one or more instructions to apply one or more user settings in the template to the user records associated with the users in the group.

FIG. 6 illustrates a template is applied to user records associated with a group of users after the template is saved to the database. As shown, after an individual template 602 is requested to be saved, for example, through interface 500, data in the template 602 can be saved to a corresponding template record 606 in the database 102. Also shown is that a number of commands 604 can also be generated after the template 602 is saved to the database 102. Each command 604 may contain one or more instructions that apply related user settings for a particular cloud service to the user records associated with the users in the group. For example, a command containing instructions that apply license settings for cloud service #1 may be generated; another command containing instructions that apply group settings for cloud service #1 may be generated; yet another command containing instructions that apply license settings for cloud service #2 may be generated; still another command containing instructions that apply group settings for cloud service #3 may be generated; and so on.

As also shown in FIG. 6, after the commands 604 are generated, they can be executed individually against user records 608 stored in the database 102. By executing the individual commands 604, the settings in the template 602 can be propagated to the individual user records 608, As described above, a given user record 608 may already have fields corresponding to the fields in the template 602. For example, the given user record 608 may have one or more fields corresponding to license settings for Office 365, one or more fields corresponding to group settings for Dropbox, and etc. Those fields in the user records 608 can be readily updated through commands 604. In situations where one or more fields in the template do not exist in a user record 608, those fields can be generated and populated in the user record 608 according to the template.

Errors may arise when the template 602 is applied to the user records 604. For example, as illustration, the template 602 may contain a user setting indicating a user that is applied with the template 602 may have a E3 license for Office 365. In that example, the template 602 may be applied to users in a sales group, and there may be 50 such users. However, the entity may only have 40 E3 licenses available for Office 365. In that situation, when applying the template 602 to the group of users, not all of the users in the group can have an E3 license, and thus an error can occur. In some implementations, when encountering such an error, the management tool can be configured to generate an error message and present the error message to the operator, for example, via an email notification.

IV. A Process for Generating and Applying a Template

Having described various structures and components, and a system architecture for generating and applying a template to a group of users in accordance with the disclosure, attention is now directed to a process for the same. FIG. 7 illustrates an exemplary method 700 for generating and applying a template to a group of users in accordance with the disclosure. The method presented in FIG. 7 and described below is intended to be illustrative and non-limiting. The particular series of processing steps depicted in FIG. 7 is not intended to be limiting. It is appreciated that the processing steps may be performed in an order different from that depicted in FIG. 7 and that not all the steps depicted in FIG. 7 need be performed.

In some embodiments, the method depicted in flowchart 700 may be implemented in one or more processing devices (e.g., a digital processor, an analog processor, a digital circuit designed to process information, an analog circuit designed to process information, a state machine, and/or other mechanisms for electronically processing information). The one or more processing devices may include one or more devices executing some or all of the operations of flowchart 700 in response to instructions stored electronically on an electronic storage medium. The one or more processing devices may include one or more devices configured through hardware, firmware, and/or software to be specifically designed for execution of one or more of the operations of flowchart 700.

At 702, a model profile (template) can be generated based on an existing user profile. As described in FIG. 3, in some embodiments, an interface may be provided to enable an operator to identify an existing user profile for a specific user as a model profile, and save it as a template that can be applied to other users in a specific user group. The template may comprise various user settings for different cloud services, for example license, group, storage and/or any other types of user settings for the different cloud services. An entity, such as a company, may separately maintain different groups of users based on their functions within the entity. For example, the entity may maintain a sales group for sales professionals within the entity. For instance, the template may comprise a first user setting for a first cloud service, e.g., a type of license for the first cloud service; and a second user setting for a second cloud service, e.g., a group for the second cloud service. In some implementations, the template can be generated using interfaces the same as or substantially similar to interfaces 300 and 400 described and illustrated herein.

At 704, the model profile (template generated at 702 can be assigned to a group of users. As described above, template data and user data can be stored in a database separately. For example, a template table can be stored in the database to contain template records, and each template record may be mapped to a template generated at 702. User record table can be stored in the database to contain user records, and each user record may comprise various user settings for different cloud services for a corresponding user. As described above, a given user record in the database and a given template record may share similar fields, such as license and group configurations for different cloud services.

In some implementations, after a template is saved to the database, the user settings in the template can be applied to user records associated with users in the specific user group assigned to the template. In that example, a template can be generated for the sales group and applied to the users in the sales group such that each user in the sales group may have the user settings for the different cloud services in the sales template. In some implementations, operations involved in step 704 may be the same as or substantially similar to those described in section III above.

At 706, a change of the first user setting and a change of the second user setting in the model profile generated at 702 can be received. In some implementations, an interface the same as or substantially similar to the interface 500 described and illustrated herein can be implemented for receiving the aforementioned changes.

At 708, the updated model profile (template) can be saved to the database. In certain implementations, an interface the same as or substantially similar to the interface 500 described and illustrated herein can provide a control to enable an operator to manually save the aforementioned changes to the database. However, this is not necessarily the only case. In some other implementations, after receiving the aforementioned changes in the template, the template can be automatically saved to the database.

At 710, the changed first and second user settings can be applied to the user records for the group users through the model profile (template) updated at 708. In implementations, after the updated template is saved to the database, the changes received in the updated template can be automatically applied to the group of users that is assigned to the template. In those implementations, commands can be generated to apply the changes received in the template. For example, a command containing an instruction that applies the change of the first user setting to the user records associated with the users in the group can be generated; and another command containing an instruction that applies the change of the second user setting to the user records associated with the user in the group can be generated. Those commands can be executed against the user records in the database to propagate the changed user settings to those user records.

V. Computer Systems

Any of the computer systems mentioned herein may utilize any suitable number of subsystems. Examples of such subsystems are shown in FIG. 8 in computer apparatus 10. In some embodiments, a computer system includes a single computer apparatus, where the subsystems can be the components of the computer apparatus. In other embodiments, a computer system can include multiple computer apparatuses, each being a subsystem, with internal components.

The subsystems shown in FIG. 8 are interconnected via a system bus 75. Additional subsystems such as a printer 74, keyboard 78, storage device(s) 79, monitor 76, which is coupled to display adapter 82, and others are shown. Peripherals and input/output (I/O) devices, which couple to I/O controller 71, can be connected to the computer system by any number of means known in the art such as input/output (I/O) port 77 (e.g., USB, FireWire®). For example, I/O port 77 or external interface 81 (e.g. Ethernet, etc.) can be used to connect computer system 10 to a wide area network such as the Internet, a mouse input device, or a scanner. The interconnection via system bus 75 allows the central processor 73 to communicate with each subsystem and to control the execution of instructions from system memory 72 or the storage device s) 79 (e.g., a fixed disk, such as a hard drive or optical disk), as well as the exchange of information between subsystems. The system memory 72 and/or the storage device(s) 79 may embody a computer readable medium. Any of the data mentioned herein can be output from one component to another component and can be output to the user.

A computer system can include a plurality of the same components or subsystems, e.g., connected together by external interface 81 or by an internal interface. In some embodiments, computer systems, subsystem, or apparatuses can communicate over a network. In such instances, one computer can be considered a client and another computer a server, where each can be part of a same computer system. A client and a server can each include multiple systems, subsystems, or components.

It should be understood that any of the embodiments of the present invention can be implemented in the form of control logic using hardware e.g. an application specific integrated circuit or field programmable gate array) and/or using computer software with a generally programmable processor in a modular or integrated manner. As used herein, a processor includes a single-core processor, multi-core processor on a same integrated chip, or multiple processing units on a single circuit board or networked. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods to implement embodiments of the present invention using hardware and a combination of hardware and software.

Any of the software components or functions described in this application may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C, C++, Objective-C, Swift, or scripting language such as Perl or Python using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions or commands on a computer readable medium for storage and/or transmission, suitable media include random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a compact disk (CD) or DVD (digital versatile disk), flash memory, and the like. The computer readable medium may be any combination of such storage or transmission devices.

Such programs may also be encoded and transmitted using carrier signals adapted for transmission via wired, optical, and/or wireless networks conforming to a variety of protocols, including the Internet. As such, a computer readable medium according to an embodiment of the present invention may be created using a data signal encoded with such programs. Computer readable media encoded with the program code may be packaged with a compatible device or provided separately from other devices (e.g., via Internet download). Any such computer readable medium may reside on or within a single computer product (e.g., a hard drive, a CD, or an entire computer system), and may be present on or within different computer products within a system or network. A computer system may include a monitor, printer, or other suitable display for providing any of the results mentioned herein to a user.

Any of the methods described herein may be totally or partially performed with a computer system including one or more processors, which can be configured to perform the steps. Thus, embodiments can be directed to computer systems configured to perform the steps of any of the methods described herein, potentially with different components performing a respective steps or a respective group of steps, Although presented as numbered steps, steps of methods herein can be performed at a same time or in a different order. Additionally, portions of these steps may be used with portions of other steps from other methods. Also, all or portions of a step may be optional. Additionally, any of the steps of any of the methods can be performed with modules, circuits, or other means for performing these steps.

The specific details of particular embodiments may be combined in any suitable manner without departing from the spirit and scope of embodiments of the invention. However, other embodiments of the invention may be directed to specific embodiments relating to each individual aspect, or specific combinations of these individual aspects.

The above description of exemplary embodiments of the invention has been presented for the purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise form described, and many modifications and variations are possible in light of the teaching above. The embodiments were chosen and described in order to best explain the principles of the invention and its practical applications to thereby enable others skilled in the art to best utilize the invention in various embodiments and with various modifications as are suited to the particular use contemplated.

A recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary. The use of “or” is intended to mean an “inclusive or,” and not an “exclusive or” unless specifically indicated to the contrary.

All patents, patent applications, publications, and descriptions mentioned herein are incorporated by reference in their entirety for all purposes. None is admitted to be prior art 

What is claimed is:
 1. A method for applying a set of user settings for different cloud services to a group of users, the method comprising performing, by a computer system: generating a first model profile based on a first user profile, the first model profile including a first set of user settings for different cloud services, wherein the first set of user settings includes a first user setting for a first cloud service and a second user setting for the second cloud service; assigning the first model profile to a first group of users; applying the first set of user settings to user records associated with the first group of users such that each of the user records is configured with the first set of user settings in the first model profile; receiving a first change of the first user setting and a second change of the second user setting in the first model profile; updating the model profile with the changed first and second user settings; and applying the changed first and second user settings to the first group of users such that each of the user records for the users in the first group is configured with the changed first and second user settings.
 2. The method of claim 1, further comprising: receiving a request for updating the model profile; providing one or more unassigned cloud service providers that are not currently assigned to the model profile; receiving a selection of one or more of the unassigned cloud service providers to identify one or more new cloud service providers; and associating the one or more new cloud service providers with the model profile.
 3. The method of claim 2; further comprising locating the user records for the users in the first group in response to the updating of the model profile; and assigning the one or more new cloud service providers to the user data records for the users in the first group.
 4. The method of claim 1; further comprising: assigning the first model profile to a second group of users such that user records for the users in the second group are configured with the first set of user settings in the first model profile.
 5. The method of claim 1, further comprising storing one or more rules for assigning the first model user profile to users, wherein the rules include a first rule indicates that the first model profile is to be assigned to only one group of users; and, wherein the assignment of the first model profile is consistent with the first rule.
 6. The method of claim 1, further comprising: generating a second model profile based on a second user profile, the second model profile including a second set of user settings for the different cloud services, the second set of user settings including a third user setting for the first cloud service and a fourth user setting for the second cloud service; and assigning the second model profile to the first group of users such that each of user records for the users in the first user group is configured with the second set of user settings in the second model profile.
 7. The method of claim 1; further comprising: receiving a request for updating the model profile; providing one or more assigned cloud service providers that are currently assigned to the model profile; receiving a selection of one or more of the assigned cloud service providers; and removing the one or more selected cloud service providers from the model profile.
 8. The method of claim 1, wherein the first user setting for the first cloud service includes a setting for a type of license provided by the first cloud service, or a setting for a specific group on the first cloud service.
 9. A system for applying a set of user settings for different cloud services to a group of users, the system comprising a process configured by machine-readable instructions configured to cause the system to perform: generating a first model profile based on a first user profile, the first model profile including a first set of user settings for different cloud services, wherein the first set of user settings includes a first user setting for a first cloud service and a second user setting for the second cloud service; assigning the first model profile to a first group of users; applying the first set of user settings to user records associated with the first group of users such that each of the user records is configured with the first set of user settings in the first model profile; receiving a first change of the first user setting and a second change of the second user setting in the first model profile; updating the model profile with the changed first and second user settings; and applying the changed first and second user settings to the first group of users such that each of the user records for the users in the first group is configured with the changed first and second user settings.
 10. The system of claim 9, wherein the process is further configured to cause the system to perform: receiving a request for updating the model profile; providing one or more unassigned cloud service providers that are not currently assigned to the model profile; receiving a selection of one or more of the unassigned cloud service providers to identify one or more new cloud service providers; and associating the one or more new cloud service providers with the model profile.
 11. The system of claim 10, wherein the process is further configured to cause the system to perform: locating the user records for the users in the first group in response to the updating of the model profile; and assigning the one or more new cloud service providers to the user data records for the users in the first group.
 12. The system of claim 9, wherein the process is further configured to cause the system to perform: assigning the first model profile to a second group of users such that user records for the users in the second group are configured with the first set of user settings in the first model profile.
 13. The system of claim 9, wherein the process is further configured to cause the system to perform: storing one or more rules for assigning the first model user profile to users, wherein the rules include a first rule indicates that the first model profile is to be assigned to only one group of users; and, wherein the assignment of the first model profile is consistent with the first rule.
 14. The system of claim 9, wherein the process is further configured to cause the system to perform: generating a second model profile based on a second user profile, the second model profile including a second set of user settings for the different cloud services, the second set of user settings including a third user setting for the first cloud service and a fourth user setting for the second cloud service; and assigning the second model profile to the first group of users such that user records for the users in the first group are configured with the second set of user settings in the second model profile.
 15. The system of claim 9, wherein the process is further configured to cause the system perform: receiving a request for updating the model profile; providing one or more assigned cloud service providers that are currently assigned to the model profile; receiving a selection of one or more of the assigned cloud service providers; and removing the one or more selected cloud service providers from the model profile.
 16. The system of claim 9, wherein the first user setting for the first cloud service includes a setting for a type of license provided by the first cloud service, or a setting for a specific group on the first cloud service.
 17. A computer program product comprising a non-transitory tangible medium including computer system executable code for a computer system for applying a set of user settings for different cloud services to a group of users, the computer system including a processor, a memory and a display, wherein the computer program product comprises code that directs the processor to perform: generating a first model profile based on a first user profile, the first model profile including a first set of user settings for different cloud services, wherein the first set of user settings includes a first user setting for a first cloud service and a second user setting for the second cloud service; assigning the first model profile to a first group of users; applying the first set of user settings to user records associated with the first group of users such that each of the user records is configured with the first set of user settings in the first model profile; receiving a first change of the first user setting and a second change of the second user setting in the first model profile; updating the model profile with the changed first and second user settings; and applying the changed first and second user settings to the first group of users such that each of the user records for the users in the first group is configured with the changed first and second user settings.
 18. The computer program product of claim 17, wherein the code directs the processor to further perform: receiving a request for updating the model profile; providing one or more unassigned cloud service providers that are not currently assigned to the model profile; receiving a selection of one or more of the unassigned cloud service providers to identify one or more new cloud service providers; and associating the one or more new cloud service providers with the model profile.
 19. The computer program product of claim 17, wherein the code directs the processor to further perform: locating the user records for the users in the first group in response to the updating of the model profile; and assigning the one or more new cloud service providers to the user data records for the users in the first group.
 20. The computer program product of claim 17, wherein the code directs the processor to further perform: assigning the first model profile to a second group of users such that user records for the users in the second group are configured with the first set of user settings in the first model profile. 